<?php
include_once('../@base/portal.php');
// include_once('../@base/logfile.php');
// include_once('../@base/database.php');

function login($userstring, $userpasswd)
{
    $sql = '';
    if (is_numeric($userstring)) {
        $sql = "SELECT * FROM oprec_security_data WHERE number = {$userstring}";
    } else {
        $sql = "SELECT * FROM oprec_security_data WHERE name = '{$userstring}'";
    }
    // if (conf('debug')) logfile('LOGIN_SQL', $sql);
    $res = exec_sql($sql);
    $status = -1;
    $userbase = null;
    $userinfo = null;
    if ($res && count($res) == 1) {
        if ($res[0]['passwd'] == $userpasswd) {
            if ($res[0]['level'] > 0) {
                $status = 0;
                $userbase = array(
                    'name' => $res[0]['name'],
                    'number' => (int) $res[0]['number'],
                    'passwd' => $res[0]['passwd'],
                    'level' => (int) $res[0]['level'],
                    'token' => '...'
                );
                $userinfo = $res[0];
            } else {
                $status = 3;
            }
        } else {
            $status = 2;
        }
    } else {
        $status = 1;
    }
    $result = array(
        'status' => $status,
        'userbase' => $userbase,
        'userinfo' => $userinfo
    );
    // if (conf('debug')) logfile('LOGIN_OUTPUT', var_export($result, true));
    return $result;
}
